Monday, August 9, 2010

Apple tries to prevent remote attack

Apple is quietly wrestling with a security conundrum. How the company handles it could dictate the pace at which cybercriminals accelerate attacks on iPhones and iPads.
Apple is hustling to issue a patch for a milestone security flaw that makes it possible to remotely hack — or jailbreak — iOS, the operating system for iPhones, iPads and iPod Touch.

The patch is completed, Apple spokeswoman Natalie Kerris said in an interview. But Kerris said on Friday that she was not able to give a time frame for its public release.

Jailbreaking refers to hacking iOS to download Web apps not approved by Apple. This used to be difficult. A website came along this spring called that made it trivial to jailbreak your own iPhone or iPad. Last week, a technique for remote jailbreaking appeared on the site. It's now possible to access the operating system of an iPhone or iPad owned by someone else.

An attacker would get "fairly complete control of affected devices," said Michael Price, an operations manager for McAfee Labs. No such attacks are known to have happened, he says.

For the moment, the most visible concern for Apple has been pranksters going into Apple and Best Buy retail stores and jailbreaking display models, according to tech blog Engadget. Yet, the security and privacy issues are serious.

Security experts expect the pattern that has come to dominate the PC world to begin to permeate smart phones. Bad guys continually flush out new security flaws in PCs, then tap into them to launch malicious attacks. Good guys, meanwhile, scramble to patch and block.

Now, cybercriminals are rapidly adapting PC hacking techniques to all smart phone platforms, including Symbian, Google Android, Windows Mobile, RIM BlackBerry and Apple iOS.

"It's a brand-new game with new rules," said Dror Shalev, of DroidSecurity, which supplies protection for Google Android phones. "We're seeing rapid growth in threats as a side effect of the mobile Web app revolution."

IPhones have become a pop culture icon in the U.S., and now it's the iPad. "The more popular these devices become, the more likely they are to get the attention of attackers," said Joshua Talbot, intelligence manager at Symantec Security Response.

Home Warranty FAQBlackberry takes fight to iPhone